* SECURITY UPDATE: Remote DoS with crafted realms during DIGEST-MD5 negotiation. * Add debian/patches/27_upstream_cvs_digest-md5-crash.diff: - plugins/digestmd5.c: Check that the provided realm is valid to avoid crash. - Patch taken from upstream CVS, fixed upstream in 2.1.21: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/ plugins/digestmd5.c.diff?r1=1.173&r2=1.175&f=u * CVE-2006-1721